Request Network (hereinafter "Request", “we”, or “Request Network”) is the one who collects and processes Your Data. 

What is this document? 

This Privacy Policy aims to inform You of how Request collects and uses Your, personal or not, Data, as a data controller, and how You can exercise Your rights. 

This policy is part of the legal documentation You accept by using our Services. You must not use our Services if You don’t agree with those terms. You are responsible for ensuring that all persons who access or use the Services through Your Device, apps, programs, company account, or internet connection are aware of those documents and that they comply with them.

Request reserves the right to modify this policy at any time and without prior notice, in particular in order to meet all its operational, legal, and regulatory constraints. Please check this page regularly to stay up-to-date on the latest version. 

This policy does not govern the processing of personal data carried out on Your behalf, as a data controller, by Request Network, as a data processor.

What definitions should You know? 

“Data controller” means the person collecting and processing the Data. Here, the Data controller is Request Network. 

“Data processor” means a natural or legal person, public authority, agency, or other body which processes personal Data on behalf of the Data controller. 

“Data” means all information, facts, and statistics collected together.

“Personal Data” means any information that directly, indirectly, or in connection with other information allows for the identification or identifiability of a natural person.

“You” or “Your” means You as a natural person or professional and the company, organization, and/or entity electronically accessing our Services.

“Privacy Policy” means this document, applying to website visitor or user of our Services. 

“Website” means all the Request Websites (including their subdomains), apps, and Services. 

“Device” means Your computer, mobile, or any Device You use to access our Website.

“DPO” means Data protection officer. 

Which Data do we collect? 

Your action: Contacting us

Data collected: Names, email address, address, company information, job title

Data usage: Manage relationship, preventing fraud, managing support, sending notifications

Legal basis: Your consent

Retention: 2 years after the last contact if You have not closed it before

Your action: Request to receive marketing emails (including our newsletter)

Data collected: Email address, logs

Data usage: Sending emails on our latest developments, promotions, business relations, customer survey, marketing

Legal basis: Your consent

Retention: 3 years from the request

Your action: Request sent to customer support

Data collected: Names, email, telephone number, social media profile, content of our exchanges, identification document (if necessary), crypto address and network

Data usage: Processing the request, quality control, verifying information is correct, preventing fraud, training of our teams

Legal basis: Execution of our contract

Retention: 5 years from the request

Your action: Browsing our Websites

Data collected: Cookies, IP address, geographical position, operating system, browser, devices used, date of visit, URLs of clickstream, errors, duration of visit, page interaction

Data usage: Bug-fixing, analytics, combating fraud, personalizing Your experience

Legal basis: Legitimate interest for technical cookies & Consent for functional, performance, and advertising cookies

Retention: Dependent on the purpose of the trackers

Your action: Participation in customer surveys

Data collected: Names, address, company name, country, email address, geographic position, number of employees, phone number, profession, state, usage data, product opinion, comments

Data usage: Carrying out marketing studies, improving our products and services

Legal basis: Legitimate interest

Retention: 3 years from the participation

Your action: Request to be re-contacted on the subject of our B2B products

Data collected: Names, company information, role, email address

Data usage: Making contact, sending emails on our latest developments, promotions, and customer surveys, marketing

Legal basis: Your consent

Retention: 3 years from the request

Please note that some Data are also collected by third parties accessible on our Services. For example, if You use our partners’ services, Data (like Your name, date of birth, address, company, etc.) can be collected by our partners (or by Request on their behalf) to meet their anti-money laundering and customer-identification obligations. Request is not responsible for the way in which our partners use Your Data. If You have any questions on this subject, please consult their privacy policy.

How do we use Your Data?

To sum up the previous table, Request uses Your Data for the following purposes:

• To conclude and manage our contracts,

• To provide our services,

• To manage client files,

• To manage prospect files,

• To create statistics,

• To carry out satisfaction surveys,

• To manage complaints, customer support, and disputes,

• To personalize, maintain, and improve our Services and features, 

• To improve the security of our Services,

• To make research & development and train our teams,

• To comply with our regulatory obligations, and, in particular, the fight against fraud, money laundering and the financing of terrorism,

• To manage requests to exercise rights under regulations applicable to the processing of personal Data.

Request does not sell or share Your personal information with third parties for direct marketing purposes.

What about cookies? 

Request uses cookies and other identifying technologies on its Services. To learn more about how Request uses cookies, please refer to our Cookie Policy. 

Cookies are small text files stored in Your browser or Device by Websites, apps, online media, and advertisements. Request uses cookies and similar techniques for the following purposes:

• Authenticate Users,

• Remember User preferences and settings,

• Establish the popularity of the content,

• Deliver and measure the effectiveness of advertising campaigns,

• Analyze site traffic and trends, and generally understand the online behaviors and interests of people who interact with our Services. 

How do we share Your Data? 

For operational purposes

To operate its Services, Request may share Your Data with its service providers and business partners, who are expressly bound not to disclose or use them to any other end. This may concern, for example:

• payment institutions or electronic money institutions;

• cloud storage providers;

• marketing partners and marketing platform providers;

• data analytics providers;

• consultants, lawyers, accountants, and other professional services providers. 

For legal purposes or in the event of a dispute

Request may release Your Data if a law, regulation, operating agreement, legal process, or government request requires it.

This involves the communication of Your Data to the authorities or governmental institutions to protect the rights of Request, or the rights, safety, or property of third parties, or in the event of a claim or dispute relating to Your use of our Services. 

For corporate purposes

If Request sells, merges, or transfers any part of its business, it may be required to share Your Data. If so, You will be asked if You'd like to stop receiving promotional information following any change of control.

‍With Your Consent

Other than as stated above, Request will provide You with prior notice and the opportunity to choose when Your Data may be shared with other third parties.

Where and for how long are Your Data stored?

Your Data are stored in Europe, but we might have to transfer them to countries outside the European Economic Area to provide You with our services. 

We only share Your Data with companies and partners established in a country recognized as offering an adequate level of protection, or with which we have signed standard contractual clauses, or that commit to applying a code of conduct or a certification mechanism validated by the competent authorities.

Your Data are kept for the following periods:

Please, refer to the previous table. 

The following Data are stored for different periods:

• Financial Data (e.g., payments, refunds, etc.) are kept for the duration required by applicable tax and accounting laws;

• For technical reasons, everything that is stored on the blockchain remains unalterable; 

• In terms of litigation management: 

  • The Data processed to manage a pre-litigation will be deleted as soon as the dispute is settled amicably or, failing that, as soon as the corresponding legal action expires,

  • The Data processed to manage a dispute will be deleted when appeals are no longer possible against the decision rendered to have it executed,

  • At the end of these periods, the Data is securely deleted or archived in accordance with applicable law, 

  • Decisions rendered may be retained by Request as a definitive archive due to historical interest. 

• In terms of managing requests to exercise the rights granted to Personal Data: 

  • The Data processed are kept for the duration of the examination of Your request, then archived in accordance with the limitation periods in force (5 years), 

  • Data relating to identity documents will be kept for one (1) year in compliance with the applicable legal deadlines, 

  • In the event of opposition, the Data will be kept for a minimum period of three (3) years to guarantee the effectiveness of Your right of opposition.

For more information on Your Data retention periods, You can contact the DPO of Request at hello@request.network.

What are Your rights?

Depending on Your location and subject to applicable law, You may have the following rights described here with regard to the Data we control about You:

• The right to request confirmation of whether Request processes Personal Data relating to You, and if so, to request a copy of that Personal Data;

• The right to request that Request rectifies or updates Your Personal Data that is inaccurate, incomplete, or outdated;

• The right to request that Request erases Your Personal Data in certain circumstances provided by law;

• The right to request that Request restricts the use of Your Personal Data in certain circumstances;

• The right to request that Request exports Your Personal Data that we hold to another company, where technically feasible;

• Where the processing of Your Personal Data is based on Your previously given consent, You have the right to withdraw Your consent at any time; and/or

• Where Request processes Your Personal Data based on our legitimate interests, You may also have the right to object to the processing. 

To exercise these rights, You can send an e-mail to the address hello@request.network. All requests must specify, in the subject line, the reason for the request (exercise of the right of access, opposition, etc.), the address to which the response must be sent, and the company concerned by the request. 

To exercise Your rights, You must prove Your identity by any means. Where Request has reasonable doubts about Your identity, You may be asked to provide additional information necessary to confirm Your identity. 

Request will send You its response within a maximum period of one (1) month from the date of receipt of Your request. However, this period may be extended by two (2) months due to the complexity and number of requests. 

Finally, You can contact the competent supervisory authority for Data protection in Your region.

What are the legal bases of processing?

To summarize the previous table, Request processes Data under the following legal basis:

• execution of a contract. For the most part, the Data that Request collects are those that are necessary for the execution of our Services;

• legal obligations. Certain Data must necessarily be collected by Request in order to comply with our legal obligations;

• Your consent. Request will be able to process certain Data after obtaining Your consent, for example, for prospecting operations. Mandatory Data are marked with an asterisk; 

• our legitimate interest. Finally, some Data collected are necessary for the legitimate purposes that Request pursues, in particular and without limitation, the management of the Services, the research, the development and the improvement of our Services (in particular via surveys), personalization of Your customer experience, fraud prevention, network security.

What are our protection measures?

Request implements all technical and organizational measures it deems necessary to safeguard Your Data at an appropriate level of security, including:

• An awareness program and employee training,

• Encryption during exchanges and storage,

• Data redundancy for more resilience in the event of a catastrophe,

• Role-based authentication,

• Two-factor authentication for our authorized contributors,

• Continuous monitoring of the system,

• Security assessments in line with industry standards,

• Bug bounty program,

• Administrative access to our servers is limited to certain people duly identified with our hosting provider. 

To assess the appropriate security level, Request takes into account, among other things, the nature of the Data and the risks its processing presents. Although we strive to ensure optimal Data protection, we would remind You that transmitting information on the Internet is not entirely secure.

To help us protect Your Data, Request encourages You to use a strong password and never share it with anyone or use the same password with other sites or accounts. If You have reason to believe that Your interaction with our Services is no longer secure (e.g., You feel that the security of Your account has been compromised), please contact Request at hello@request.network immediately.

Previous version

• 2024